Curtis, Yes you are correct that you have to initiate your trust somewhere. The paradigm is that you trust the vendor that delivers the CA certificates to you (e.g., Mozilla, Microsoft, IBM, etc.) Hand delivering keys defeats the purpose of using certificates. If you were going to hand deliver keys, you might as well just use a symmetric cipher rather than asymmetric. If you want perfect unbreakable encryption then you should hand deliver one time pads between the parties.
Lou -- Artificial Intelligence is no match for Natural Stupidity - Unknown On Fri, Apr 6, 2018 at 8:44 AM, Pew, Curtis G <curtis....@austin.utexas.edu> wrote: > > > On Apr 6, 2018, at 7:57 AM, Charles Mills <charl...@mcn.org> wrote: > > > > Your certificate contains the public half of a public-private key pair. > You generated that pair and keep the private part private. > > > > The entire certificate is signed by a certificate authority. In other > words, it contains a hash encrypted with the private key of the CA. > > > > The recipient of the certificate verifies that it is valid by verifying > that the hash can be decrypted with the CA's public key, which is contained > in the recipient's CA certificate. > > > > So ... your private key has played no part in validating the certificate. > > > > Now ... for data traffic purposes, the recipient creates a random number > which will be used for secret key encryption/decryption of data traffic. He > encrypts that random number with the public key from the certificate and > sends it to you. You decrypt it with your private key and use it for secret > key encryption/decryption of session traffic. That is where your private > key comes in. > > > > The above is a simplification and leaves out details like client > certificates and intermediate certificates, but it accurately represents > the essence of the thing. > > Just to play devil’s advocate here, though: > > • How do you know if you can trust the CA? How carefully do they vet the > source of the public key before they sign it? How carefully do they secure > their private key? > > • For that matter, how carefully has the person you’re communicating with > secured his private key? > > At some point you have to trust someone, but if you’re super paranoid (as > seemed to be the case in the post that started this discussion) you’ll want > to limit how many people you trust, and you’ll want to continually verify > that your trust is warranted. I can conceive of cases where you’d want to > begin by asking your partner to hand deliver his public key, and provide > strong guarantees about his policies for securing the corresponding private > key. > > > -- > Pew, Curtis G > curtis....@austin.utexas.edu > ITS Systems/Core/Administrative Services > > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
